plass is a password manager. Every
password lives inside a gpg(1)
encrypted file somewhere inside ~/.password-store
which is managed with the got(1) version control system to keep track of changes, recovery
accidental overwrites and synchronize it across devices.
The options are as follows:
- Display usage information and exit immediately.
The following commands are available:
- Decrypt and print the content of entries in the given order.
- Interactively modify the content of the given entry with an editor.
- Print the entries of the store one per line, optionally filtered by the case-insensitive extended regular expression pattern.
- Rename a password entry, doesn't work with directories. from must exist and to mustn't.
- Remove the given entries from the store.
- Persist the data read from standard input into the store under the given
entry name and then print it again on the standard
output unless the
-qoption is given.
Password entries can be referenced using the path relative to the store directory. The file extension “.gpg” can be omitted.
- Path to the gpg(1) executable.
- Alternative path to the password store directory tree.
- The editor spawned by
edit. If not set, the ed(1) text editor will be used to give it the attention it deserves.
- Default password store.
- File containing the GPG recipient used to encrypt the passwords.
plass utility exits 0 on
success, and >0 if an error occurs.
A got repository and password store can be initialized as follows:
$ mkdir ~/.password-store $ echo firstname.lastname@example.org > ~/.password-store/.gpg-id $ gotadmin init ~/git/pass.git $ got import -r ~/git/pass.git -m 'initial import' ~/.password-store $ got checkout -E ~/git/pass.git ~/.password-store
see got(1) for more information.
To migrate from pass(1), delete ~/.password-store and check out it again using got(1).
Generate a random password and save it to the clipboard:
$ pwg | plass tee entry/name | xsel -b
Generate a TOTP token using the secret stored in the password store:
$ plass cat 2fa/codeberg/op | totp 722524
Interactively edit the contents of entry/name with mg(1):
$ env VISUAL=mg plass edit entry/name
Display the entries matching ‘key’ arranged comfortably for reading in a terminal window:
$ plass find key | rs
Enable tab-completion of
names and entries in ksh(1):
$ set -A complete_plass_1 -- cat edit find mv rm tee $ set -A complete_plass -- $(plass find)
got(1), gpg(1), pwg(1), totp(1)
plass was heavily influenced by
pass(1) in the design, but
it's a different implementation that prioritizes ease of use and
plass utility was written by
format isn't designed to handle files containing newlines. Use
-print0 or similar if it's a concern.
mv is not
able to move directory trees, only file entries.
There isn't an
init sub-command, the store
initialization must be performed manually.